protected boolean hasModifyS2sEnroutePermission(Document document, Person user) { DocumentRequestAuthorizationCache documentRequestAuthorizationCache = getDocumentRequestAuthorizationCache(document); final String cacheKey = buildPermissionCacheKey(document, user, PermissionConstants.MODIFY_S2S_ENROUTE); Boolean cachedResult = getCachedPermissionResult(document, cacheKey); boolean hasS2sPermission; if (cachedResult != null) { hasS2sPermission = cachedResult; } else { ProposalDevelopmentDocument pdDocument = (ProposalDevelopmentDocument) document; hasS2sPermission = getKcAuthorizationService() .hasPermission( user.getPrincipalId(), pdDocument, PermissionConstants.MODIFY_S2S_ENROUTE); } final ProposalDevelopmentDocument pdDocument = ((ProposalDevelopmentDocument) document); final DevelopmentProposal proposal = pdDocument.getDevelopmentProposal(); if (proposal.isChild() && hasS2sPermission) { final Document parent = proposal.getParent().getDocument(); final String parentResultCacheKey = buildPermissionCacheKey(parent, user, PermissionConstants.MODIFY_S2S_ENROUTE); documentRequestAuthorizationCache.getPermissionResultCache().remove(parentResultCacheKey); hasS2sPermission = isAuthorizedToModifyBudget(parent, user); } addCachedPermissionResult(document, cacheKey, hasS2sPermission); return hasS2sPermission; }
@Override public Set<String> getEditModes(Document document, Person user, Set<String> currentEditModes) { Set<String> editModes = new HashSet<>(); ProposalDevelopmentDocument proposalDoc = (ProposalDevelopmentDocument) document; DevelopmentProposal developmentProposal = proposalDoc.getDevelopmentProposal(); String proposalNbr = developmentProposal.getProposalNumber(); // The getEditMode() method is invoked when a proposal is accessed for creation and when it // is accessed for modification. New proposals under creation don't have a proposal number. // For a new proposal, we have to know if the user has the permission to create a proposal. // For a current proposal, we have to know if the user the permission to modify or view the // proposal. if (proposalNbr == null) { if (isAuthorizedToCreate(document, user)) { editModes.add(AuthorizationConstants.EditMode.FULL_ENTRY); setPermissions(user, proposalDoc, editModes); } else { editModes.add(AuthorizationConstants.EditMode.UNVIEWABLE); } } else { if (canEdit(document, user)) { editModes.add(AuthorizationConstants.EditMode.FULL_ENTRY); setPermissions(user, proposalDoc, editModes); } else if (isAuthorizedToView(document, user)) { editModes.add(AuthorizationConstants.EditMode.VIEW_ONLY); setPermissions(user, proposalDoc, editModes); } else { editModes.add(AuthorizationConstants.EditMode.UNVIEWABLE); } } return editModes; }
@Transactional @RequestMapping( value = "/proposalDevelopment", params = {"methodToCall=viewUserAttachedFormPDF"}) public ModelAndView viewUserAttachedFormPDF( ProposalDevelopmentDocumentForm form, HttpServletResponse response, @RequestParam("selectedLine") String selectedLine) throws Exception { DevelopmentProposal developmentProposal = form.getDevelopmentProposal(); List<S2sUserAttachedForm> s2sAttachedForms = developmentProposal.getS2sUserAttachedForms(); S2sUserAttachedForm selectedForm = s2sAttachedForms.get(Integer.parseInt(selectedLine)); S2sUserAttachedFormFileContract userAttachedFormFile = getUserAttachedFormService().findUserAttachedFormFile(selectedForm); if (userAttachedFormFile != null) { ControllerFileUtils.streamToResponse( userAttachedFormFile.getFormFile(), selectedForm.getFormFileName(), CONTENT_TYPE_PDF, response); } else { return getModelAndViewService().getModelAndView(form); } return null; }
@Override protected void prepareData(ProposalDevelopmentDocument document) throws Exception { DevelopmentProposal developmentProposal = document.getDevelopmentProposal(); ProposalType type = new ProposalType(); type.setCode("5"); developmentProposal.setProposalType(type); ProposalYnq proposalYnq = new ProposalYnq(); proposalYnq.setAnswer("Y"); proposalYnq.setQuestionId("21"); Ynq ynq = new Ynq(); ynq.setQuestionId("21"); ynq.setGroupName("groupName"); ynq.setDescription("description"); ynq.setEffectiveDate(new Date(1)); ynq.setNoOfAnswers(1); ynq.setQuestionType("A"); ynq.setStatus("A"); proposalYnq.setYnq(ynq); saveBO(ynq); ProposalYnq proposalYnq1 = new ProposalYnq(); proposalYnq1.setAnswer("Y"); proposalYnq1.setQuestionId("FG"); Ynq ynq1 = new Ynq(); ynq1.setQuestionId("FG"); ynq1.setGroupName("groupName1"); ynq1.setDescription("description1"); ynq1.setEffectiveDate(new Date(1)); ynq1.setNoOfAnswers(1); ynq1.setQuestionType("B"); ynq1.setStatus("B"); proposalYnq1.setYnq(ynq1); saveBO(ynq1); List<ProposalYnq> ynqList = new ArrayList<ProposalYnq>(); ynqList.add(proposalYnq); ynqList.add(proposalYnq1); proposalYnq.setProposalNumber(document.getDevelopmentProposal().getProposalNumber()); proposalYnq1.setProposalNumber(document.getDevelopmentProposal().getProposalNumber()); developmentProposal.setProposalYnqs(ynqList); ProposalAbstract propsAbstract = new ProposalAbstract(); propsAbstract.setAbstractTypeCode("15"); propsAbstract.setAbstractDetails("details details"); propsAbstract.setProposalNumber(document.getDevelopmentProposal().getProposalNumber()); ProposalAbstract propsAbstract1 = new ProposalAbstract(); propsAbstract1.setAbstractTypeCode("12"); propsAbstract1.setAbstractDetails("details details1"); propsAbstract1.setProposalNumber(document.getDevelopmentProposal().getProposalNumber()); List<ProposalAbstract> proList = new ArrayList<ProposalAbstract>(); proList.add(propsAbstract); proList.add(propsAbstract1); developmentProposal.setProposalAbstracts(proList); document.setDevelopmentProposal(developmentProposal); }
/** Create the mock services and insert them into the protocol auth service. */ @Before public void setUp() throws Exception { fundingSponsorSourceType = new FundingSourceType(); fundingSponsorSourceType.setFundingSourceTypeCode(FundingSourceType.SPONSOR); fundingSponsorSourceType.setFundingSourceTypeFlag(true); fundingSponsorSourceType.setDescription("Sponsor"); fundingUnitSourceType = new FundingSourceType(); fundingUnitSourceType.setFundingSourceTypeCode(FundingSourceType.UNIT); fundingUnitSourceType.setFundingSourceTypeFlag(true); fundingUnitSourceType.setDescription("Unit"); fundingOtherSourceType = new FundingSourceType(); fundingOtherSourceType.setFundingSourceTypeCode(FundingSourceType.OTHER); fundingOtherSourceType.setFundingSourceTypeFlag(true); fundingOtherSourceType.setDescription("Other"); fundingDevProposalSourceType = new FundingSourceType(); fundingDevProposalSourceType.setFundingSourceTypeCode(FundingSourceType.PROPOSAL_DEVELOPMENT); fundingDevProposalSourceType.setFundingSourceTypeFlag(true); fundingDevProposalSourceType.setDescription("Proposal Development"); fundingInstProposalSourceType = new FundingSourceType(); fundingInstProposalSourceType.setFundingSourceTypeCode( FundingSourceType.INSTITUTIONAL_PROPOSAL); fundingInstProposalSourceType.setFundingSourceTypeFlag(true); fundingInstProposalSourceType.setDescription("Institutional Proposal"); fundingAwardSourceType = new FundingSourceType(); fundingAwardSourceType.setFundingSourceTypeCode(FundingSourceType.AWARD); fundingAwardSourceType.setFundingSourceTypeFlag(true); fundingAwardSourceType.setDescription("Award"); // sponsorGood = new Sponsor(); // sponsorGood.setSponsorName(sponsorNameAirForce); // sponsorGood.setSponsorCode(SPONSOR_NUMBER_AIR_FORCE); sponsorGood = KcServiceLocator.getService(SponsorService.class).getSponsor(SPONSOR_NUMBER_AIR_FORCE); sponsorNameAirForce = sponsorGood.getSponsorName(); devProposalGood = new DevelopmentProposal(); devProposalGood.setTitle(DEV_PROPOSAL_TITLE_GOOD); devProposalGood.setSponsorCode(sponsorGood.getSponsorCode()); instProposalGood = new InstitutionalProposal(); instProposalGood.setTitle(INST_PROPOSAL_TITLE_GOOD); instProposalGood.setSponsorCode(sponsorGood.getSponsorCode()); awardGood = new Award(); awardGood.setTitle(AWARD_TITLE_GOOD); awardGood.setSponsorCode(sponsorGood.getSponsorCode()); }
protected boolean hasPermissionByOwnedByUnit(Document document, Person user) { final ProposalDevelopmentDocument pdDocument = ((ProposalDevelopmentDocument) document); final DevelopmentProposal proposal = pdDocument.getDevelopmentProposal(); String unitNumber = proposal.getOwnedByUnitNumber(); // If the unit number is not specified, we will let the save operation continue because it // will fail with an error. But if the user tries to save a proposal for a wrong unit, then // we will indicate that the user does not have permission to do that. return (unitNumber != null && getUnitAuthorizationService() .hasPermission( user.getPrincipalId(), unitNumber, Constants.MODULE_NAMESPACE_PROPOSAL_DEVELOPMENT, PermissionConstants.CREATE_PROPOSAL) || unitNumber == null); }
protected boolean canSaveCertification(ProposalDevelopmentDocument document, Person user) { final DevelopmentProposal proposal = document.getDevelopmentProposal(); DocumentRequestAuthorizationCache documentRequestAuthorizationCache = getDocumentRequestAuthorizationCache(document); boolean hasSaveCertificationPermission; final String saveCertificationCacheKey = buildPermissionCacheKey(document, user, SAVE_CERTIFICATION); if (documentRequestAuthorizationCache.hasPermissionResult(saveCertificationCacheKey)) { hasSaveCertificationPermission = documentRequestAuthorizationCache.getPermissionResult(saveCertificationCacheKey); } else { hasSaveCertificationPermission = isProposalStateEditableForCertification(document.getDevelopmentProposal()) && document .getDevelopmentProposal() .getProposalPersons() .stream() .filter( person -> getProposalDevelopmentPermissionsService() .hasCertificationPermissions(document, user, person)) .anyMatch(person -> true); } if (proposal.isChild() && hasSaveCertificationPermission) { final Document parent = proposal.getParent().getDocument(); final String parentResultCacheKey = buildPermissionCacheKey(parent, user, SAVE_CERTIFICATION); documentRequestAuthorizationCache.getPermissionResultCache().remove(parentResultCacheKey); hasSaveCertificationPermission = canSaveCertification((ProposalDevelopmentDocument) parent, user); } documentRequestAuthorizationCache.addPermissionResult( saveCertificationCacheKey, hasSaveCertificationPermission); return hasSaveCertificationPermission; }
protected void populateRequiredFields( Protocol protocol, ProposalDevelopmentDocument proposalDocument) throws Exception { DevelopmentProposal developmentProposal = proposalDocument.getDevelopmentProposal(); developmentProposal.setTitle(protocol.getTitle()); developmentProposal.setOwnedByUnit(protocol.getLeadUnit().getUnit()); developmentProposal.setOwnedByUnitNumber(protocol.getLeadUnitNumber()); developmentProposal.setRequestedStartDateInitial(new Date(System.currentTimeMillis())); ParameterService parameterService = KcServiceLocator.getService(ParameterService.class); String projectEndDateParameter = parameterService.getParameterValueAsString( ProtocolDocument.class, ProtocolProposalDevelopmentDocumentService.PROJECT_END_DATE_NUMBER_OF_YEARS); int numberOfYears = Integer.parseInt(projectEndDateParameter); Calendar calendar = Calendar.getInstance(); calendar.add(Calendar.YEAR, numberOfYears); calendar.add(Calendar.DATE, -1); Date projectEndDate = new Date(calendar.getTimeInMillis()); developmentProposal.setRequestedEndDateInitial(projectEndDate); String activityTypeCode = ProposalDevelopmentUtils.getProposalDevelopmentDocumentParameter( ProposalDevelopmentUtils.ACTIVITY_TYPE_CODE_RESEARCH_PARM); String proposalTypeCode = ProposalDevelopmentUtils.getProposalDevelopmentDocumentParameter( ProposalDevelopmentUtils.PROPOSAL_TYPE_CODE_NEW_PARM); developmentProposal.setActivityTypeCode(activityTypeCode); developmentProposal.setProposalTypeCode(proposalTypeCode); // find sponsor from funding source List<ProtocolFundingSourceBase> protocolFundingSources = protocol.getProtocolFundingSources(); ProtocolFundingSource sponsorProtocolFundingSource = null; for (ProtocolFundingSourceBase protocolFundingSource : protocolFundingSources) { if (protocolFundingSource.isSponsorFunding()) { sponsorProtocolFundingSource = (ProtocolFundingSource) protocolFundingSource; break; } } if (sponsorProtocolFundingSource != null) { developmentProposal.setSponsorCode(sponsorProtocolFundingSource.getFundingSourceNumber()); } }
protected boolean isAuthorizedToModifyBudget(Document document, Person user) { final ProposalDevelopmentDocument pdDocument = ((ProposalDevelopmentDocument) document); final DevelopmentProposal proposal = pdDocument.getDevelopmentProposal(); DocumentRequestAuthorizationCache documentRequestAuthorizationCache = getDocumentRequestAuthorizationCache(pdDocument); boolean hasModifyBudgetPermission; final String modifyBudgetCacheKey = buildPermissionCacheKey(pdDocument, user, MODIFY_BUDGET); if (documentRequestAuthorizationCache.hasPermissionResult(modifyBudgetCacheKey)) { hasModifyBudgetPermission = documentRequestAuthorizationCache.getPermissionResult(modifyBudgetCacheKey); } else { hasModifyBudgetPermission = getKcAuthorizationService() .hasPermission(user.getPrincipalId(), pdDocument, PermissionConstants.MODIFY_BUDGET); } boolean rejectedDocument = getKcDocumentRejectionService() .isDocumentOnInitialNode(pdDocument.getDocumentHeader().getWorkflowDocument()); hasModifyBudgetPermission = ((!getKcWorkflowService().isInWorkflow(pdDocument) || rejectedDocument) && hasModifyBudgetPermission); if (proposal.isChild() && hasModifyBudgetPermission) { final Document parent = proposal.getParent().getDocument(); final String parentResultCacheKey = buildPermissionCacheKey(parent, user, MODIFY_BUDGET); documentRequestAuthorizationCache.getPermissionResultCache().remove(parentResultCacheKey); hasModifyBudgetPermission = isAuthorizedToModifyBudget(parent, user); } documentRequestAuthorizationCache.addPermissionResult( modifyBudgetCacheKey, hasModifyBudgetPermission); return hasModifyBudgetPermission; }
/** * Constructs a ProposalPersonModuleQuestionnaireBean.java. * * @param developmentProposal * @param person */ public ProposalPersonModuleQuestionnaireBean( DevelopmentProposal developmentProposal, ProposalPerson person) { super( CoeusModule.PROPOSAL_DEVELOPMENT_MODULE_CODE, person.getUniqueId(), getSubModuleItemCode(person.getProposalPersonRoleId()), person.getPersonId() != null ? person.getPersonId() : "0", developmentProposal .getProposalDocument() .getDocumentHeader() .getWorkflowDocument() .isApproved()); setDevelopmentProposal(developmentProposal); }
@Override public List<? extends AbstractUnitAdministrator> getUnitAdministrators( Map<String, String> qualifiers) { String proposalNumber = qualifiers.get(KcKimAttributes.PROPOSAL); List<UnitAdministrator> result = new ArrayList<UnitAdministrator>(); if (proposalNumber != null) { DevelopmentProposal proposal = getDataObjectService().find(DevelopmentProposal.class, proposalNumber); HashSet<String> units = new HashSet<String>(); for (ProposalPerson person : proposal.getProposalPersons()) { for (ProposalPersonUnit unit : person.getUnits()) { units.add(unit.getUnitNumber()); } } for (String unit : units) { if (StringUtils.isNotBlank(unit)) { result.addAll(unitService.retrieveUnitAdministratorsByUnitNumber(unit)); } } } return result; }
protected boolean isAuthorizedToMaintainProposalHierarchy(Document document, Person user) { final ProposalDevelopmentDocument pdDocument = ((ProposalDevelopmentDocument) document); final DevelopmentProposal proposal = pdDocument.getDevelopmentProposal(); DocumentRequestAuthorizationCache documentRequestAuthorizationCache = getDocumentRequestAuthorizationCache(pdDocument); boolean hasMaintainProposalHierarchyPermission; final String cacheKey = buildPermissionCacheKey(pdDocument, user, PermissionConstants.MAINTAIN_PROPOSAL_HIERARCHY); if (documentRequestAuthorizationCache.hasPermissionResult(cacheKey)) { hasMaintainProposalHierarchyPermission = documentRequestAuthorizationCache.getPermissionResult(cacheKey); } else { hasMaintainProposalHierarchyPermission = getKcAuthorizationService() .hasPermission( user.getPrincipalId(), pdDocument, PermissionConstants.MAINTAIN_PROPOSAL_HIERARCHY); } if (proposal.isChild() && hasMaintainProposalHierarchyPermission) { final Document parent = proposal.getParent().getDocument(); final String parentResultCacheKey = buildPermissionCacheKey(parent, user, PermissionConstants.MAINTAIN_PROPOSAL_HIERARCHY); documentRequestAuthorizationCache.getPermissionResultCache().remove(parentResultCacheKey); hasMaintainProposalHierarchyPermission = isAuthorizedToModifyBudget(parent, user); } documentRequestAuthorizationCache.addPermissionResult( cacheKey, hasMaintainProposalHierarchyPermission); return hasMaintainProposalHierarchyPermission; }
protected boolean isAuthorizedToModify(Document document, Person user) { DocumentRequestAuthorizationCache documentRequestAuthorizationCache = getDocumentRequestAuthorizationCache(document); final String resultCacheKey = buildPermissionCacheKey(document, user, IS_AUTHORIZED_TO_MODIFY); if (documentRequestAuthorizationCache.hasPermissionResult(resultCacheKey)) { return documentRequestAuthorizationCache.getPermissionResult(resultCacheKey); } final ProposalDevelopmentDocument pdDocument = ((ProposalDevelopmentDocument) document); final DevelopmentProposal proposal = pdDocument.getDevelopmentProposal(); if (!isEditableState(proposal.getProposalStateTypeCode())) { return false; } final String proposalNbr = proposal.getProposalNumber(); boolean hasPermission; if (proposalNbr == null) { hasPermission = hasPermissionByOwnedByUnit(document, user); } else { /* * After the initial save, the proposal can only be modified if it is not in workflow * and the user has the require permission. */ final boolean hasBeenRejected = ProposalState.REVISIONS_REQUESTED.equals(proposal.getProposalStateTypeCode()); hasPermission = !pdDocument.isViewOnly() && getKcAuthorizationService() .hasPermission( user.getPrincipalId(), pdDocument, PermissionConstants.MODIFY_PROPOSAL) && (!getKcWorkflowService().isInWorkflow(document) || hasBeenRejected) && !proposal.getSubmitFlag(); } if (proposal.isChild() && hasPermission) { final Document parent = proposal.getParent().getDocument(); final String parentResultCacheKey = buildPermissionCacheKey(parent, user, IS_AUTHORIZED_TO_MODIFY); documentRequestAuthorizationCache.getPermissionResultCache().remove(parentResultCacheKey); hasPermission = isAuthorizedToModify(parent, user); } documentRequestAuthorizationCache.addPermissionResult(resultCacheKey, hasPermission); return hasPermission; }
protected boolean isProposalStateEditableForCertification( DevelopmentProposal developmentProposal) { return getProposalStatesEditableForCertification() .contains(developmentProposal.getProposalStateTypeCode()); }
@Transactional @RequestMapping( value = "/proposalDevelopment", params = {"methodToCall=refresh", "refreshCaller=S2sOpportunity-LookupView"}) public ModelAndView refresh( @ModelAttribute("KualiForm") ProposalDevelopmentDocumentForm form, BindingResult result, HttpServletRequest request, HttpServletResponse response) throws Exception { ProposalDevelopmentDocument document = form.getProposalDevelopmentDocument(); DevelopmentProposal proposal = document.getDevelopmentProposal(); if (form.getNewS2sOpportunity() != null && StringUtils.isNotEmpty(form.getNewS2sOpportunity().getOpportunityId())) { proposal.setS2sOpportunity(form.getNewS2sOpportunity()); proposal.getS2sOpportunity().setDevelopmentProposal(proposal); // Set default S2S Submission Type if (StringUtils.isBlank(form.getNewS2sOpportunity().getS2sSubmissionTypeCode())) { String defaultS2sSubmissionTypeCode = getProposalTypeService().getDefaultSubmissionTypeCode(proposal.getProposalTypeCode()); proposal.getS2sOpportunity().setS2sSubmissionTypeCode(defaultS2sSubmissionTypeCode); getDataObjectService() .wrap(proposal.getS2sOpportunity()) .fetchRelationship("s2sSubmissionType"); } final String opportunityTitle = form.getNewS2sOpportunity().getOpportunityTitle(); String trimmedTitle = StringUtils.substring( opportunityTitle, 0, ProposalDevelopmentConstants.S2sConstants.OPP_TITLE_MAX_LENGTH); // Set Opportunity Title and Opportunity ID in the Sponsor & Program Information section proposal.setProgramAnnouncementTitle(trimmedTitle); proposal.setCfdaNumber(form.getNewS2sOpportunity().getCfdaNumber()); proposal.setProgramAnnouncementNumber(form.getNewS2sOpportunity().getOpportunityId()); form.setNewS2sOpportunity(new S2sOpportunity()); } S2sOpportunity s2sOpportunity = proposal.getS2sOpportunity(); try { if (s2sOpportunity != null && s2sOpportunity.getSchemaUrl() != null) { List<String> missingMandatoryForms = s2sSubmissionService.setMandatoryForms(proposal, s2sOpportunity); if (!CollectionUtils.isEmpty(missingMandatoryForms)) { globalVariableService .getMessageMap() .putError( Constants.NO_FIELD, KeyConstants.ERROR_IF_OPPORTUNITY_ID_IS_INVALID, s2sOpportunity.getOpportunityId(), StringUtils.join(missingMandatoryForms, ",")); proposal.setS2sOpportunity(null); } } } catch (S2sCommunicationException ex) { if (ex.getErrorKey().equals(KeyConstants.ERROR_GRANTSGOV_NO_FORM_ELEMENT)) { ex.setMessage(s2sOpportunity.getOpportunityId()); } globalVariableService .getMessageMap() .putError(Constants.NO_FIELD, ex.getErrorKey(), ex.getMessageWithParams()); proposal.setS2sOpportunity(new S2sOpportunity()); } super.save(form, result, request, response); return getRefreshControllerService().refresh(form); }